loop after loop conditional
77 views
Skip to first unread message
Jerry Jerry
May 20, 2020, 3:21:31 PM5/20/20
to Ansible Project
Trying to check if a user exists locally and if true, check to see if it has sudo rights. I can't seem to process the second loop. I tried using out.results.item but error:
fatal: [hostname]: FAILED! => {"msg": "'list object' has no attribute 'item'"}
---
- hosts: all
gather_facts: no
become: yes
tasks:
- name: check user exists
command: grep {{ item }} /etc/passwd
failed_when: False
register: out
with_items:
- user1
- user2
- user3
- debug:
var: out
- name: check if existing user is in sudoers
command: grep {{ item }} /etc/sudoers
with_items: "{{ out.results }}"
register: message
- debug:
var: message
Dick Visser
May 20, 2020, 3:49:30 PM5/20/20
to ansible...@googlegroups.com
You forgot the output.
Also, what is your high level goal.
Why do you need to know if a user exists and has sudo permission.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/780471fd-cc97-4a8d-930e-147784254c80%40googlegroups.com.
Sent from a mobile device - please excuse the brevity, spelling and punctuation.
Jerry Jerry
May 20, 2020, 3:58:07 PM5/20/20
to Ansible Project
My bigger question is how to run a loop with with_items then process the output in the second play.
The objective is to see if user1, user2, user3 exist locally make sure they have sudo rights.
when my play tries to process out.results.item:
- name: check if existing user is in sudoers
command: grep {{ item }} /etc/sudoers
with_items: "{{ out.results.item }}"
register: message
TASK [check if existing user is in sudoers] ****************************************************************************************************************************************************************
fatal: [hostname]: FAILED! => {"msg": "'list object' has no attribute 'item'"}
to retry, use: --limit @/opt/rhel-ansible/check_sudo_users.retry
To unsubscribe from this group and stop receiving emails from it, send an email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/780471fd-cc97-4a8d-930e-147784254c80%40googlegroups.com.
Jerry Jerry
May 20, 2020, 3:59:42 PM5/20/20
to Ansible Project
If I leave the playbook like this:
- name: check if existing user is in sudoers
command: grep {{ item }} /etc/sudoers
with_items: "{{ out.results }}"
register: message
it attempts to run a grep on all output from out.results.
Dick Visser
May 20, 2020, 6:02:45 PM5/20/20
to ansible...@googlegroups.com
On Wed, 20 May 2020 at 21:58, Jerry Jerry <jer...@gmail.com> wrote:
My bigger question is how to run a loop with with_items then process the output in the second play.The objective is to see if user1, user2, user3 exist locally make sure they have sudo rights.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/71a7ca09-47be-4d03-92e4-8e741dc0bf94%40googlegroups.com.
Jerry Jerry
May 20, 2020, 7:44:03 PM5/20/20
to ansible...@googlegroups.com
This almost works but I cant make it skip when the grep root /etc/password fails. I dont understand how to access out.rc when using a loop. My when statement doesnt work. I am not as interested in this task as I am pulling rc from a loop then using it in the next loop.
---
- hosts: all
gather_facts: no
become: yes
- hosts: all
gather_facts: no
become: yes
vars:
check_users:
- root
- admin
- oracle
check_users:
- root
- admin
- oracle
tasks:
- name: check user exists
shell: grep {{ item }} /etc/passwd
failed_when: False
register: out
with_items: "{{ check_users }}"
failed_when: False
register: out
with_items: "{{ check_users }}"
- name: check if existing user is in sudoers
command: grep {{ item }} /etc/sudoers
failed_when: False
# when: item.1.rc == 0
register: check_sudoers
with_items: "{{ check_users }}"
- debug:
var: check_sudoers
# when: item.1.rc == 0
register: check_sudoers
with_items: "{{ check_users }}"
- debug:
var: check_sudoers
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwOQ0d7mGMGX_6KZYk-DGpKwCSoPS7%2BcMJ6cazKbzN1DxQ%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages